new upstream version 1.7.7

GOST is now enabled

.gitignore

@@ -13,3 +13,4 @@ libgcrypt-1.4.5-hobbled.tar.bz2
 /libgcrypt-1.7.3-hobbled.tar.xz
 /libgcrypt-1.7.5-hobbled.tar.xz
 /libgcrypt-1.7.6-hobbled.tar.xz
+/libgcrypt-1.7.7-hobbled.tar.xz

ecc-curves.c

@@ -60,6 +60,18 @@ static const struct
     { "NIST P-521", "1.3.132.0.35" },
     { "NIST P-521", "nistp521"   },          /* rfc5656.  */
 
+    { "GOST2001-test", "1.2.643.2.2.35.0" },
+    { "GOST2001-CryptoPro-A", "1.2.643.2.2.35.1" },
+    { "GOST2001-CryptoPro-B", "1.2.643.2.2.35.2" },
+    { "GOST2001-CryptoPro-C", "1.2.643.2.2.35.3" },
+    { "GOST2001-CryptoPro-A", "GOST2001-CryptoPro-XchA" },
+    { "GOST2001-CryptoPro-C", "GOST2001-CryptoPro-XchB" },
+    { "GOST2001-CryptoPro-A", "1.2.643.2.2.36.0" },
+    { "GOST2001-CryptoPro-C", "1.2.643.2.2.36.1" },
+
+    { "GOST2012-tc26-A", "1.2.643.7.1.2.1.2.1" },
+    { "GOST2012-tc26-B", "1.2.643.7.1.2.1.2.2" },
+
     { "secp256k1", "1.3.132.0.10" },
 
     { NULL, NULL}
@@ -178,6 +190,103 @@ static const ecc_domain_parms_t domain_parms[] =
       "0x01"
     },
 
+    {
+      "GOST2001-test", 256, 0,
+      MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
+      "0x8000000000000000000000000000000000000000000000000000000000000431",
+      "0x0000000000000000000000000000000000000000000000000000000000000007",
+      "0x5fbff498aa938ce739b8e022fbafef40563f6e6a3472fc2a514c0ce9dae23b7e",
+      "0x8000000000000000000000000000000150fe8a1892976154c59cfc193accf5b3",
+
+      "0x0000000000000000000000000000000000000000000000000000000000000002",
+      "0x08e2a8a0e65147d4bd6316030e16d19c85c97f0a9ca267122b96abbcea7e8fc8",
+      "0x01"
+    },
+    {
+      "GOST2001-CryptoPro-A", 256, 0,
+      MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
+      "0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd97",
+      "0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd94",
+      "0x00000000000000000000000000000000000000000000000000000000000000a6",
+      "0xffffffffffffffffffffffffffffffff6c611070995ad10045841b09b761b893",
+      "0x0000000000000000000000000000000000000000000000000000000000000001",
+      "0x8d91e471e0989cda27df505a453f2b7635294f2ddf23e3b122acc99c9e9f1e14",
+      "0x01"
+    },
+    {
+      "GOST2001-CryptoPro-B", 256, 0,
+      MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
+      "0x8000000000000000000000000000000000000000000000000000000000000c99",
+      "0x8000000000000000000000000000000000000000000000000000000000000c96",
+      "0x3e1af419a269a5f866a7d3c25c3df80ae979259373ff2b182f49d4ce7e1bbc8b",
+      "0x800000000000000000000000000000015f700cfff1a624e5e497161bcc8a198f",
+      "0x0000000000000000000000000000000000000000000000000000000000000001",
+      "0x3fa8124359f96680b83d1c3eb2c070e5c545c9858d03ecfb744bf8d717717efc",
+      "0x01"
+    },
+    {
+      "GOST2001-CryptoPro-C", 256, 0,
+      MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
+      "0x9b9f605f5a858107ab1ec85e6b41c8aacf846e86789051d37998f7b9022d759b",
+      "0x9b9f605f5a858107ab1ec85e6b41c8aacf846e86789051d37998f7b9022d7598",
+      "0x000000000000000000000000000000000000000000000000000000000000805a",
+      "0x9b9f605f5a858107ab1ec85e6b41c8aa582ca3511eddfb74f02f3a6598980bb9",
+      "0x0000000000000000000000000000000000000000000000000000000000000000",
+      "0x41ece55743711a8c3cbf3783cd08c0ee4d4dc440d4641a8f366e550dfdb3bb67",
+      "0x01"
+    },
+    {
+      "GOST2012-test", 511, 0,
+      MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
+      "0x4531acd1fe0023c7550d267b6b2fee80922b14b2ffb90f04d4eb7c09b5d2d15d"
+      "f1d852741af4704a0458047e80e4546d35b8336fac224dd81664bbf528be6373",
+      "0x0000000000000000000000000000000000000000000000000000000000000007",
+      "0x1cff0806a31116da29d8cfa54e57eb748bc5f377e49400fdd788b649eca1ac4"
+      "361834013b2ad7322480a89ca58e0cf74bc9e540c2add6897fad0a3084f302adc",
+      "0x4531acd1fe0023c7550d267b6b2fee80922b14b2ffb90f04d4eb7c09b5d2d15d"
+      "a82f2d7ecb1dbac719905c5eecc423f1d86e25edbe23c595d644aaf187e6e6df",
+
+      "0x24d19cc64572ee30f396bf6ebbfd7a6c5213b3b3d7057cc825f91093a68cd762"
+      "fd60611262cd838dc6b60aa7eee804e28bc849977fac33b4b530f1b120248a9a",
+      "0x2bb312a43bd2ce6e0d020613c857acddcfbf061e91e5f2c3f32447c259f39b2"
+      "c83ab156d77f1496bf7eb3351e1ee4e43dc1a18b91b24640b6dbb92cb1add371e",
+      "0x01"
+    },
+    {
+      "GOST2012-tc26-A", 512, 0,
+      MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
+      "0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+        "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdc7",
+      "0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+        "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffdc4",
+      "0xe8c2505dedfc86ddc1bd0b2b6667f1da34b82574761cb0e879bd081cfd0b6265"
+        "ee3cb090f30d27614cb4574010da90dd862ef9d4ebee4761503190785a71c760",
+      "0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+        "27e69532f48d89116ff22b8d4e0560609b4b38abfad2b85dcacdb1411f10b275",
+      "0x0000000000000000000000000000000000000000000000000000000000000000"
+        "0000000000000000000000000000000000000000000000000000000000000003",
+      "0x7503cfe87a836ae3a61b8816e25450e6ce5e1c93acf1abc1778064fdcbefa921"
+        "df1626be4fd036e93d75e6a50e3a41e98028fe5fc235f5b889a589cb5215f2a4",
+      "0x01"
+    },
+    {
+      "GOST2012-tc26-B", 512, 0,
+      MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,
+      "0x8000000000000000000000000000000000000000000000000000000000000000"
+        "000000000000000000000000000000000000000000000000000000000000006f",
+      "0x8000000000000000000000000000000000000000000000000000000000000000"
+        "000000000000000000000000000000000000000000000000000000000000006c",
+      "0x687d1b459dc841457e3e06cf6f5e2517b97c7d614af138bcbf85dc806c4b289f"
+        "3e965d2db1416d217f8b276fad1ab69c50f78bee1fa3106efb8ccbc7c5140116",
+      "0x8000000000000000000000000000000000000000000000000000000000000001"
+        "49a1ec142565a545acfdb77bd9d40cfa8b996712101bea0ec6346c54374f25bd",
+      "0x0000000000000000000000000000000000000000000000000000000000000000"
+        "0000000000000000000000000000000000000000000000000000000000000002",
+      "0x1a8f7eda389b094c2c071e3647a8940f3c123b697578c213be6dd9e6c8ec7335"
+        "dcb228fd1edf4a39152cbcaaf8c0398828041055f94ceeec7e21340780fe41bd",
+      "0x01"
+    },
+
     {
       "secp256k1", 256, 0,
       MPI_EC_WEIERSTRASS, ECC_DIALECT_STANDARD,

ecc-gost.c

@@ -1,56 +0,0 @@
-/* ecc-gots.c  -  Elliptic Curve GOST signatures
- * Copyright (C) 2007, 2008, 2010, 2011 Free Software Foundation, Inc.
- * Copyright (C) 2013 Dmitry Eremin-Solenikov
- *
- * This file is part of Libgcrypt.
- *
- * Libgcrypt is free software; you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * Libgcrypt is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this program; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-#include "g10lib.h"
-#include "mpi.h"
-#include "cipher.h"
-#include "context.h"
-#include "ec-context.h"
-#include "ecc-common.h"
-#include "pubkey-internal.h"
-
-
-/* Compute an GOST R 34.10-01/-12 signature.
- * Return the signature struct (r,s) from the message hash.  The caller
- * must have allocated R and S.
- */
-gpg_err_code_t
-_gcry_ecc_gost_sign (gcry_mpi_t input, ECC_secret_key *skey,
-                     gcry_mpi_t r, gcry_mpi_t s)
-{
-  return GPG_ERR_UNSUPPORTED_ALGORITHM;
-}
-
-
-/* Verify a GOST R 34.10-01/-12 signature.
- * Check if R and S verifies INPUT.
- */
-gpg_err_code_t
-_gcry_ecc_gost_verify (gcry_mpi_t input, ECC_public_key *pkey,
-                       gcry_mpi_t r, gcry_mpi_t s)
-{
-  return GPG_ERR_UNSUPPORTED_ALGORITHM;
-}

hobble-libgcrypt

@@ -7,6 +7,5 @@ set -e -x
 # EC:    ????????? ??/??/2015
 
 rm -f cipher/ecc-curves.c
-rm -f cipher/ecc-gost.c
 rm -f tests/curves.c
 rm -f tests/t-mpi-point.c

libgcrypt-1.7.3-ecc-test-fix.patch

@@ -1,51 +1,15 @@
-diff -up libgcrypt-1.7.3/tests/basic.c.eccfix libgcrypt-1.7.3/tests/basic.c
---- libgcrypt-1.7.3/tests/basic.c.eccfix	2016-04-15 09:42:06.000000000 +0200
-+++ libgcrypt-1.7.3/tests/basic.c	2016-11-22 18:43:19.732897206 +0100
-@@ -8506,6 +8506,7 @@ check_pubkey_sign_ecdsa (int n, gcry_sex
-         /* */          "000102030405060708090A0B0C0D0E0F#))",
-         0
-       },
-+#if 0
-       { 256,
-         "(data (flags gost)\n"
-         " (value #00112233445566778899AABBCCDDEEFF"
-@@ -8530,6 +8531,7 @@ check_pubkey_sign_ecdsa (int n, gcry_sex
-         /* */    "000102030405060708090A0B0C0D0E0F#))",
-         0
-       },
-+#endif
-       { 0, NULL }
-     };
- 
-@@ -9136,6 +9138,7 @@ check_pubkey (void)
-       "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
-       "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" }
-   },
-+#if 0
-   { /* GOST R 34.10-2001/2012 test 256 bit.  */
-     GCRY_PK_ECDSA, FLAG_SIGN,
-     {
-@@ -9187,6 +9190,7 @@ check_pubkey (void)
-       "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
-       "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" }
-   },
-+#endif
-   { /* secp256k1 test 256 bit.  */
-     GCRY_PK_ECDSA, FLAG_SIGN,
-     {
 diff -up libgcrypt-1.7.3/tests/benchmark.c.eccfix libgcrypt-1.7.3/tests/benchmark.c
 --- libgcrypt-1.7.3/tests/benchmark.c.eccfix	2016-07-14 11:19:17.000000000 +0200
 +++ libgcrypt-1.7.3/tests/benchmark.c	2016-11-22 16:21:00.109004197 +0100
-@@ -1412,8 +1412,7 @@ ecc_bench (int iterations, int print_hea
+@@ -1412,7 +1412,7 @@ ecc_bench (int iterations, int print_hea
  {
  #if USE_ECC
    gpg_error_t err;
 -  const char *p_sizes[] = { "192", "224", "256", "384", "521", "Ed25519",
--              "gost256", "gost512" };
++  const char *p_sizes[] = { "224", "256", "384", "521", "Ed25519",
-+  const char *p_sizes[] = { "224", "256", "384", "521", "Ed25519" };
+               "gost256", "gost512" };
    int testno;
  
-   if (print_header)
 diff -up libgcrypt-1.7.3/tests/dsa-rfc6979.c.eccfix libgcrypt-1.7.3/tests/dsa-rfc6979.c
 --- libgcrypt-1.7.3/tests/dsa-rfc6979.c.eccfix	2016-02-18 09:38:03.000000000 +0100
 +++ libgcrypt-1.7.3/tests/dsa-rfc6979.c	2016-11-22 16:22:11.804674008 +0100

libgcrypt.spec

@@ -1,6 +1,6 @@
 Name: libgcrypt
-Version: 1.7.6
+Version: 1.7.7
-Release: 2%{?dist}
+Release: 1%{?dist}
 URL: http://www.gnupg.org/
 Source0: libgcrypt-%{version}-hobbled.tar.xz
 # The original libgcrypt sources now contain potentially patented ECC
@@ -15,7 +15,6 @@ Source3: hobble-libgcrypt
 Source4: ecc-curves.c
 Source5: curves.c
 Source6: t-mpi-point.c
-Source7: ecc-gost.c
 # make FIPS hmac compatible with fipscheck - non upstreamable
 # update on soname bump
 Patch2: libgcrypt-1.6.2-use-fipscheck.patch
@@ -87,7 +86,7 @@ applications using libgcrypt.
 %patch23 -p1 -b .aliasing
 %patch24 -p1 -b .urandom-only
 
-cp %{SOURCE4} %{SOURCE7} cipher/
+cp %{SOURCE4} cipher/
 cp %{SOURCE5} %{SOURCE6} tests/
 
 %build
@@ -197,6 +196,10 @@ exit 0
 %license COPYING
 
 %changelog
+* Fri Jun  2 2017 Tomáš Mráz <tmraz@redhat.com> 1.7.7-1
+- new upstream version 1.7.7
+- GOST is now enabled
+
 * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.6-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
 

sources

@@ -1 +1 @@
-SHA512 (libgcrypt-1.7.6-hobbled.tar.xz) = 4aa981f4b270e480324dc3b021781c0b01a0f1fc5950654ccd379d47acbb791a2df612f212191ecac50c39a7ba83cc62de9a9271c663aad6d49721de14ecced5
+SHA512 (libgcrypt-1.7.7-hobbled.tar.xz) = 4e75594b8911581ce04f2594a5860644f07c69b4f28f7a2e20fd0476933ecd0159d3331bdbf5e61bffafddacdeebe4a7aa0f0d306e09ae6cf481e6a452359b98